The General Data Protection Regulation (GDPR) was passed by the European Union (EU) and impacts all businesses that handle personal information for any EU citizen. These regulations come with expensive fines and penalties.
Who falls under GDPR Regulations?
If you collect data from a European resident, you could be subject to GDPR regulations. This means if you are a company in Texas and you serve customers in Europe, you will most likely have to be GDPR compliant. Basic standards are expected for everyone who falls under these requirements.
GDPR Compliance Requirements
If you process data, you have to do so according to seven protection and accountability principles outlined in Article 5.1-2. These are holistic and apply across your business, not just your IT department.
The GDPR says data controllers have to be able to demonstrate they are GDPR compliant. And this isn’t something you can do after the fact: If you think you are compliant with the GDPR but can’t show how, then you’re not GDPR compliant. Among the ways you can do this:
- Designate data protection responsibilities to your team.
- Maintain detailed documentation of the data you’re collecting, how it’s used, where it’s stored, which employee is responsible for it, etc.
- Train your staff and implement technical and organizational security measures.
- Have Data Processing Agreement contracts in place with third parties you contract to process data for you.
- Appoint a Data Protection Officer (though not all organizations need one).
CyberCompass® automates compliance with built-in expertise that translates GDPR requirements into layman’s terms. It does most of the heavy lifting with the analysis and compliance documentation to streamline your GDPR compliance workflow.
It is cloud-based, so it can be accessed anywhere with no software download. You don’t have to be a GDPR or cybersecurity expert to use CyberCompass®.
Our automation can save your firm over 400 hours in twelve months on becoming and staying compliant.
- Answer one set of simple yes/no questions that meets CCPA regulations
- Flexibility to start and stop – CyberCompass® saves your progress
- Compliance gap report to gain visibility into your non-compliance and top priorities
- Built-in step-by-step guide to fix issues and get compliant quickly
- CyberCompass® online vault to save your “body of evidence” in one place
- Manage your third parties and vendors to track their compliance. Use our pre-built agreement templates to make record keeping easier.
- Monitor your compliance for 12 months with dashboards and reporting.
- Utilize our built-in employee cyber awareness training. CyberCompass® allows you to schedule and track employee competency.